package team.knowers.qzhserver.common.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import team.knowers.qzhserver.common.component.JwtAuthenticationTokenFilter;
import team.knowers.qzhserver.common.component.RestAuthenticationEntryPoint;
import team.knowers.qzhserver.common.component.RestfulAccessDeniedHandler;
import team.knowers.qzhserver.common.utils.JwtTokenUtil;

/**
 * @author xtg
 * @date 2024/2/11 22:25
 */
@Configuration
@EnableWebSecurity
public class CommonSecurityConfig {
    @Autowired
    private RestfulAccessDeniedHandler restfulAccessDeniedHandler;
    @Autowired
    private RestAuthenticationEntryPoint restAuthenticationEntryPoint;

    /**
     * 哈希处理，不可解密。校验过程是对输入密码哈希处理，看是否一致。避免数据库泄露出现密码丢失（因为是加密过的）
     *
     * @return 密码加密器
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }



    @Bean
    public JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter() {
        return new JwtAuthenticationTokenFilter();
    }
    @Bean
    public JwtTokenUtil jwtTokenUtil(){
        return new JwtTokenUtil();
    }
    @Bean
    public IgnoreUrlsConfig ignoreUrlsConfig(){
        return new IgnoreUrlsConfig();
    }
}
